A recent survey conducted by cybersecurity solutions provider OPSWAT has revealed that despite improvements in defense strategies, cybersecurity threats to industrial control systems (ICS) are still considered severe and high. The survey, called the SANS 2023 ICS/OT Cybersecurity Survey, identified the top three priorities for ICS security programs in 2023 as network visibility, risk assessments, and transient device threat detection.
The survey highlighted the increasing interconnectedness and complexity of ICS/OT environments, which provide efficiency and innovation but also expose organizations to greater vulnerabilities from cyber threats. According to Dean Parsons, a SANS Certified Instructor and ICS/OT cybersecurity assessment expert, the survey showed both positive changes and areas for improvement. While there have been significant efforts in key areas, there is still a lack of commitment in evolving domains. However, there has been increased investment in asset inventorying, ICS/OT visibility and detection systems, and training staff with specific ICS security skills.
The survey found that respondents were particularly concerned about incidents in which malware or attackers breach the IT business network and from there gain access to the ICS/OT environment. Compromises in IT systems leading to threats entering OT/ICS networks ranked highest, followed by compromises of engineering workstations and external remote services. Understanding these specific vectors, and the paths within the top-ranked one, is crucial for effective threat mitigation.
The survey also highlighted a trend towards IT/OT staff convergence, with 38% of respondents responsible for both ICS and IT security. This represents an increase in responsibilities compared to the previous year. Furthermore, the survey revealed that cybersecurity solution providers are frequently consulted when signs of infection or infiltration emerge, highlighting the need for specialized expertise in incident response. However, a quarter of respondents were unsure whether they had an exercised and documented plan for operating ICS engineering systems at reduced capacity, and only 56% currently have a dedicated ICS/OT Incident Response Plan.
Yiyi Miao, OPSWAT’s Chief Product Officer, emphasized the importance of a proactive approach to cybersecurity in building resilient critical infrastructure. OPSWAT aims to empower organizations to protect their vital systems through effective industry-leading solutions. The company encourages organizations to download the SANS ICS/OT Cybersecurity Survey to understand the challenges and defenses in the field.
The SANS Institute, established in 1989, is a trusted provider of cybersecurity training and certification. It offers more than 60 courses taught by renowned instructors at in-person and virtual cybersecurity events. GIAC, an affiliate of the SANS Institute, validates practitioner skills through technical certifications. SANS Security Awareness provides organizations with a comprehensive security awareness solution, while the Internet Storm Center operates the Internet’s early warning system.
OPSWAT, a global leader in IT, OT, and ICS critical infrastructure cybersecurity, has been providing end-to-end solutions for the past 20 years. The company’s platform offers zero-trust solutions and patented technologies to secure networks, data, and devices, preventing known and unknown threats. OPSWAT’s mission is to protect the world’s critical infrastructure and ensure the security of daily life.
In conclusion, the SANS 2023 ICS/OT Cybersecurity Survey highlights the ongoing concerns and challenges in protecting industrial control systems from cyber threats. While progress has been made in defense strategies, there is still work to be done in areas such as network visibility, risk assessments, and incident response planning. Organizations are increasingly recognizing the need for collaboration between IT and OT staff and the importance of specialized expertise in cybersecurity incident response. Proactive measures and investments in cybersecurity solutions are crucial for safeguarding critical infrastructure and ensuring a secure future.

